diff options
Diffstat (limited to 'src/or/onion.c')
-rw-r--r-- | src/or/onion.c | 46 |
1 files changed, 24 insertions, 22 deletions
diff --git a/src/or/onion.c b/src/or/onion.c index 211d14c1e..f8c4d72b5 100644 --- a/src/or/onion.c +++ b/src/or/onion.c @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2011, The Tor Project, Inc. */ + * Copyright (c) 2007-2012, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -29,9 +29,11 @@ typedef struct onion_queue_t { #define ONIONQUEUE_WAIT_CUTOFF 5 /** First and last elements in the linked list of circuits waiting for CPU - * workers, or NULL if the list is empty. */ + * workers, or NULL if the list is empty. + * @{ */ static onion_queue_t *ol_list=NULL; static onion_queue_t *ol_tail=NULL; +/**@}*/ /** Length of ol_list */ static int ol_length=0; @@ -170,12 +172,12 @@ onion_pending_remove(or_circuit_t *circ) * The meeting point/cookies and auth are zeroed out for now. */ int -onion_skin_create(crypto_pk_env_t *dest_router_key, - crypto_dh_env_t **handshake_state_out, +onion_skin_create(crypto_pk_t *dest_router_key, + crypto_dh_t **handshake_state_out, char *onion_skin_out) /* ONIONSKIN_CHALLENGE_LEN bytes */ { char challenge[DH_KEY_LEN]; - crypto_dh_env_t *dh = NULL; + crypto_dh_t *dh = NULL; int dhbytes, pkbytes; tor_assert(dest_router_key); @@ -204,12 +206,12 @@ onion_skin_create(crypto_pk_env_t *dest_router_key, PK_PKCS1_OAEP_PADDING, 1)<0) goto err; - memset(challenge, 0, sizeof(challenge)); + memwipe(challenge, 0, sizeof(challenge)); *handshake_state_out = dh; return 0; err: - memset(challenge, 0, sizeof(challenge)); + memwipe(challenge, 0, sizeof(challenge)); if (dh) crypto_dh_free(dh); return -1; } @@ -221,19 +223,19 @@ onion_skin_create(crypto_pk_env_t *dest_router_key, */ int onion_skin_server_handshake(const char *onion_skin, /*ONIONSKIN_CHALLENGE_LEN*/ - crypto_pk_env_t *private_key, - crypto_pk_env_t *prev_private_key, + crypto_pk_t *private_key, + crypto_pk_t *prev_private_key, char *handshake_reply_out, /*ONIONSKIN_REPLY_LEN*/ char *key_out, size_t key_out_len) { char challenge[ONIONSKIN_CHALLENGE_LEN]; - crypto_dh_env_t *dh = NULL; + crypto_dh_t *dh = NULL; ssize_t len; char *key_material=NULL; size_t key_material_len=0; int i; - crypto_pk_env_t *k; + crypto_pk_t *k; len = -1; for (i=0;i<2;++i) { @@ -284,15 +286,15 @@ onion_skin_server_handshake(const char *onion_skin, /*ONIONSKIN_CHALLENGE_LEN*/ /* use the rest of the key material for our shared keys, digests, etc */ memcpy(key_out, key_material+DIGEST_LEN, key_out_len); - memset(challenge, 0, sizeof(challenge)); - memset(key_material, 0, key_material_len); + memwipe(challenge, 0, sizeof(challenge)); + memwipe(key_material, 0, key_material_len); tor_free(key_material); crypto_dh_free(dh); return 0; err: - memset(challenge, 0, sizeof(challenge)); + memwipe(challenge, 0, sizeof(challenge)); if (key_material) { - memset(key_material, 0, key_material_len); + memwipe(key_material, 0, key_material_len); tor_free(key_material); } if (dh) crypto_dh_free(dh); @@ -310,7 +312,7 @@ onion_skin_server_handshake(const char *onion_skin, /*ONIONSKIN_CHALLENGE_LEN*/ * After the invocation, call crypto_dh_free on handshake_state. */ int -onion_skin_client_handshake(crypto_dh_env_t *handshake_state, +onion_skin_client_handshake(crypto_dh_t *handshake_state, const char *handshake_reply, /* ONIONSKIN_REPLY_LEN bytes */ char *key_out, size_t key_out_len) @@ -338,11 +340,11 @@ onion_skin_client_handshake(crypto_dh_env_t *handshake_state, /* use the rest of the key material for our shared keys, digests, etc */ memcpy(key_out, key_material+DIGEST_LEN, key_out_len); - memset(key_material, 0, key_material_len); + memwipe(key_material, 0, key_material_len); tor_free(key_material); return 0; err: - memset(key_material, 0, key_material_len); + memwipe(key_material, 0, key_material_len); tor_free(key_material); return -1; } @@ -379,8 +381,8 @@ fast_server_handshake(const uint8_t *key_in, /* DIGEST_LEN bytes */ memcpy(key_out, out+DIGEST_LEN, key_out_len); r = 0; done: - memset(tmp, 0, sizeof(tmp)); - memset(out, 0, out_len); + memwipe(tmp, 0, sizeof(tmp)); + memwipe(out, 0, out_len); tor_free(out); return r; } @@ -424,8 +426,8 @@ fast_client_handshake(const uint8_t *handshake_state,/*DIGEST_LEN bytes*/ memcpy(key_out, out+DIGEST_LEN, key_out_len); r = 0; done: - memset(tmp, 0, sizeof(tmp)); - memset(out, 0, out_len); + memwipe(tmp, 0, sizeof(tmp)); + memwipe(out, 0, out_len); tor_free(out); return r; } |